Conditionalize ECDH methods in CA algos.

When building against an OpenSSL configured without ECC, don't include
those algos in CASignatureAlgorithms.  ok djm@

diff --git a/myproposal.h b/myproposal.h
index f16729876d996d32945f8eba3515157bee0454bc..9205fb343db5ccbc80ee55b0ac63d851c22e332a 100644 (file)
--- a/myproposal.h
+++ b/myproposal.h
@@ -136,9 +136,7 @@
 
 /* Not a KEX value, but here so all the algorithm defaults are together */
 #define        SSH_ALLOWED_CA_SIGALGS  \
-       "ecdsa-sha2-nistp256," \
-       "ecdsa-sha2-nistp384," \
-       "ecdsa-sha2-nistp521," \
+       KEX_ECDH_METHODS \
        "ssh-ed25519," \
        "rsa-sha2-512," \
        "rsa-sha2-256," \